Security news that informs and inspires

All Articles

1660 articles:

China-Based Group Uses ScanBox Framework in Espionage Attacks

The group activity has overlaps with APT40, which has continued its “operational tempo” despite a previous indictment by the U.S. Department of Justice in 2021.


FTC Sues Data Broker For Selling Sensitive Location Data

The lawsuit against data broker Kochava is another step by the FTC to crack down on invasive data collection and sharing practices.

Data Privacy, Ftc

Attacker Stole Portion of LastPass Source Code

An attacker was able to compromise a developer account and steal a portion of the LastPass source code recently, the company said. But no customer data was affected.


Phishing Campaign Targets PyPI Project Maintainers

The PyPI maintainers say a new phishing campaign is targeting Python project maintainers and aiming to steal credentials and compromise projects.

Open Source Security, Pypi, Github

Iranian APT Using Custom Tool to Scrape Gmail, Outlook Inboxes

The Iranian APT group known as Charming Kitten has been using a new tool called HYPERSCRAPE to steal the contents of Gmail, Yahoo, and Outlook 365 inboxes.

Google, Iran

Bug in CrowdStrike Falcon Allows Removal of Security Agent

Researchers have disclosed a bug in some versions of CrowdStrike Falcon that allows an attacker with admin privileges to uninstall the security agent.


Cryptojacking Not Dead Yet

Microsoft has been tracking a recent cryptojacking campaign that abuses Windows binaries to stay hidden.


Russian APT Targets Microsoft 365 Features to Muddle Detection

APT29, the threat actor linked to the SolarWinds hack, is abusing various Azure features in recent attacks against organizations that influence the foreign policy of NATO countries.

Solarwinds, Microsoft

Decipher Podcast: Source Code 8/19

Welcome back to Source Code, Decipher’s news wrap podcast that includes input from our sources.

Podcast, Source Code

Cybercrime Group TA558 Ramps Up Email Attacks Against Hotels

The small cybercrime actor is upping its operational tempo in 2022 against hospitality organizations like hotels and travel companies.


Decipher Podcast: Chester Wisniewski and Peter Mackenzie

Peter Mackenzie, director of incident response at Sophos, and Chester Wisniewski, principal research scientist at Sophos, talk about why more ransomware attackers are clustering onto vulnerable networks - sometimes simultaneously.


Apple, Google Fix Zero Days Under Active Attack

Apple and Google have released fixes for iOS and macOS, and Chrome, respectively, to address bugs that have been exploited in the wild.

Apple, Google

CISA Warns of Ongoing Exploitation Against Zimbra Flaws

Attackers are eyeing known vulnerabilities in the Zimbra collaboration suite to target government and private sector organizations.

Vulnerability, Cisa

RubyGems Requires MFA for Popular Projects

RubyGems is now requiring projects with more than 180 million downloads to use MFA, and may extend the requirement to other projects.


Microsoft Disables Accounts Abused By Russian Threat Actor

Microsoft observed the threat actor, which it tracks as Seaborgium, targeting over 30 organizations since 2022 started.